* Re: Pull request: sfc-next 2013-08-25
From: Ben Hutchings @ 2013-08-27 16:26 UTC (permalink / raw)
To: David Miller; +Cc: netdev, linux-net-drivers
In-Reply-To: <20130827.121826.532177208564127527.davem@davemloft.net>
On Tue, 2013-08-27 at 12:18 -0400, David Miller wrote:
> From: Ben Hutchings <bhutchings@solarflare.com>
> Date: Sun, 25 Aug 2013 23:56:03 +0100
>
> > The following changes since commit f073dde03b3e8d11050d82f52caaf75fd924e069:
> >
> > sfc: Make efx_mcdi_init() call efx_mcdi_handle_assertion() (2013-08-21 19:43:09 +0100)
> >
> > are available in the git repository at:
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/bwh/sfc-next.git for-davem
> >
> > for you to fetch changes up to f76fe120d81c96fa2a17ae41f0647c963dbb43cd:
> >
> > sfc: Update and improve kernel-doc for efx_mcdi_state & efx_mcdi_iface (2013-08-21 20:20:41 +0100)
> >
> > 1. Refactoring and cleanup in preparation for new hardware support.
> > 2. Some bug fixes for firmware completion handling. (They're not known
> > to cause real problems, otherwise I'd be submitting these for net and
> > stable.)
> > 3. Update to the firmware protocol (MCDI) definitions.
>
> Pulled, but I want to point out an existing issue which is that using
> an atomic_t for mcdi->state is bogus. You're only using atomic_set()
> and atomic_read() on the value, and that provides no "atomicity" per-se.
Thanks. I don't know what you looked for, but there are actually two
atomic_cmpxchg() calls in mcdi.c.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
^ permalink raw reply
* Re: [PATCH net-next] {ipv4,xfrm}: Introduce xfrm_tunnel_notifier for xfrm tunnel mode callback
From: David Miller @ 2013-08-27 16:23 UTC (permalink / raw)
To: steffen.klassert; +Cc: fan.du, saurabh.mohan, herbert, netdev
In-Reply-To: <20130827092856.GC7660@secunet.com>
From: Steffen Klassert <steffen.klassert@secunet.com>
Date: Tue, 27 Aug 2013 11:28:56 +0200
> I'd take this into ipsec-next and update the the ipv6 vti patch
> according to your changes if David does not mind.
This is fine.
^ permalink raw reply
* Re: [PATCH 0/2] net/cadence/macb: add support for dt phy definition
From: David Miller @ 2013-08-27 16:20 UTC (permalink / raw)
To: b.brezillon
Cc: nicolas.ferre, rob.herring, pawel.moll, mark.rutland, swarren,
ian.campbell, linux, f.fainelli, netdev, linux-kernel,
linux-arm-kernel, devicetree
In-Reply-To: <521C586A.7080604@overkiz.com>
From: boris brezillon <b.brezillon@overkiz.com>
Date: Tue, 27 Aug 2013 09:42:34 +0200
> Could you apply, the 3rd version of this series instead ?
There can never be an "instead" or reverting patches I've said I've
applied already.
If you want changes, you have to submit follow-on fixes.
^ permalink raw reply
* Re: Pull request: sfc-next 2013-08-25
From: David Miller @ 2013-08-27 16:18 UTC (permalink / raw)
To: bhutchings; +Cc: netdev, linux-net-drivers
In-Reply-To: <1377471363.2586.69.camel@deadeye.wl.decadent.org.uk>
From: Ben Hutchings <bhutchings@solarflare.com>
Date: Sun, 25 Aug 2013 23:56:03 +0100
> The following changes since commit f073dde03b3e8d11050d82f52caaf75fd924e069:
>
> sfc: Make efx_mcdi_init() call efx_mcdi_handle_assertion() (2013-08-21 19:43:09 +0100)
>
> are available in the git repository at:
>
> git://git.kernel.org/pub/scm/linux/kernel/git/bwh/sfc-next.git for-davem
>
> for you to fetch changes up to f76fe120d81c96fa2a17ae41f0647c963dbb43cd:
>
> sfc: Update and improve kernel-doc for efx_mcdi_state & efx_mcdi_iface (2013-08-21 20:20:41 +0100)
>
> 1. Refactoring and cleanup in preparation for new hardware support.
> 2. Some bug fixes for firmware completion handling. (They're not known
> to cause real problems, otherwise I'd be submitting these for net and
> stable.)
> 3. Update to the firmware protocol (MCDI) definitions.
Pulled, but I want to point out an existing issue which is that using
an atomic_t for mcdi->state is bogus. You're only using atomic_set()
and atomic_read() on the value, and that provides no "atomicity" per-se.
^ permalink raw reply
* Re: pcie_get_minimum_link returns 0 width
From: Bjorn Helgaas @ 2013-08-27 16:13 UTC (permalink / raw)
To: Yuval Mintz
Cc: jacob.e.keller@intel.com, linux-pci@vger.kernel.org,
netdev@vger.kernel.org, Jiang Liu
In-Reply-To: <CAErSpo6pCzw6Gjn+SCFhu7PnBpHkUz0oqO+tGmmOH8NxoMiH6g@mail.gmail.com>
On Tue, Aug 27, 2013 at 07:57:20AM -0600, Bjorn Helgaas wrote:
> [+cc Jiang]
>
> On Tue, Aug 27, 2013 at 1:40 AM, Yuval Mintz <yuvalmin@broadcom.com> wrote:
> >> On Mon, Aug 26, 2013 at 5:36 PM, Yuval Mintz <yuvalmin@broadcom.com>
> >> wrote:
> >> >> > Hi,
> >> >> >
> >> >> > I tried adding support for the newly added 'pcie_get_minimum_link' into
> >> >> the
> >> >> > bnx2x driver, but found out the some of my devices started showing
> >> width
> >> >> x0.
> >> >> >
> >> >> > By adding debug prints, I've found out there were devices up the chain
> >> that
> >> >> > Showed 0 when their PCI_EXP_LNKSTA was read by said function.
> >> >> > However, when I tried looking via lspci the output claimed the width was
> >> >> x4.
> >> Looking at its implementation, one obvious difference is that
> >> pcie_get_minimum_link() traverses up the hierarchy and keeps track of
> >> the minimum values it finds. lspci, on the other hand, just reads
> >> PCI_EXP_LNKSTA from a single device and decodes it.
> >>
> >> You said lspci reports x4 for every device from the Root Port all the
> >> way down to your NIC, so I would think the minimum from
> >> pcie_get_minimum_link() would be x4. But apparently it's not. Maybe
> >> there's a bug in it. Can you post the complete "lspci -vv" output
> >> along with your debug patch and output?
> >>
> >> Bjorn
> >
> > Here's the patch:
> > ---
> > drivers/pci/pci.c | 8 +++++++-
> > 1 files changed, 7 insertions(+), 1 deletions(-)
> >
> > diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
> > index c71e78c..72cb87b 100644
> > --- a/drivers/pci/pci.c
> > +++ b/drivers/pci/pci.c
> > @@ -3601,13 +3601,19 @@ int pcie_get_minimum_link(struct pci_dev *dev, enum pci_bus_speed *speed,
> > enum pcie_link_width next_width;
> >
> > ret = pcie_capability_read_word(dev, PCI_EXP_LNKSTA, &lnksta);
> > - if (ret)
> > + if (ret) {
> > + printk(KERN_ERR "Failed to Read LNKSTA\n");
> > return ret;
> > + }
> >
> > next_speed = pcie_link_speed[lnksta & PCI_EXP_LNKSTA_CLS];
> > next_width = (lnksta & PCI_EXP_LNKSTA_NLW) >>
> > PCI_EXP_LNKSTA_NLW_SHIFT;
> >
> > + printk(KERN_ERR "LnkSta %04x [%04x:%02x.%02x]\n",
> > + lnksta, dev->bus->number, PCI_SLOT(dev->devfn),
> > + PCI_FUNC(dev->devfn));
>
> I think pcie_cap_has_lnkctl() is incorrect: it currently thinks only
> Root Ports, Endpoints, and Legacy Endpoints have link registers. But
> I think switch ports (Upstream Ports and Downstream Ports) also have
> link registers (PCIe spec r3.0, sec 7.8). Jiang?
Yuval, can you try the patch below?
PCI: Allow access to link-related registers for switch and bridge ports
From: Bjorn Helgaas <bhelgaas@google.com>
Every PCIe device has a link, except Root Complex Integrated Endpoints
and Root Complex Event Collectors. Previously we didn't give access
to PCIe capability link-related registers for Upstream Ports, Downstream
Ports, and bridges, so attempts to read PCI_EXP_LNKCTL returned zero.
See PCIe spec r3.0, sec 7.8 and 1.3.2.3.
Reported-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
---
drivers/pci/access.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/pci/access.c b/drivers/pci/access.c
index 1cc2366..46dd5ad 100644
--- a/drivers/pci/access.c
+++ b/drivers/pci/access.c
@@ -485,9 +485,8 @@ static inline bool pcie_cap_has_lnkctl(const struct pci_dev *dev)
int type = pci_pcie_type(dev);
return pcie_cap_version(dev) > 1 ||
- type == PCI_EXP_TYPE_ROOT_PORT ||
- type == PCI_EXP_TYPE_ENDPOINT ||
- type == PCI_EXP_TYPE_LEG_END;
+ !(type == PCI_EXP_TYPE_RC_END ||
+ type == PCI_EXP_TYPE_RC_EC);
}
static inline bool pcie_cap_has_sltctl(const struct pci_dev *dev)
^ permalink raw reply related
* [PATCH] Add WLI-UC-G300HP's Product ID.
From: Masami Ichikawa @ 2013-08-27 15:37 UTC (permalink / raw)
To: IvDoorn, gwingerde, helmut.schaa, linville
Cc: Masami Ichikawa, linux-wireless, users, netdev, linux-kernel
Support Bufallo WLI-UC-G300HP.
Signed-off-by: Masami Ichikawa <masami256@gmail.com>
---
drivers/net/wireless/rt2x00/rt2800usb.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/net/wireless/rt2x00/rt2800usb.c b/drivers/net/wireless/rt2x00/rt2800usb.c
index 840833b..518277d 100644
--- a/drivers/net/wireless/rt2x00/rt2800usb.c
+++ b/drivers/net/wireless/rt2x00/rt2800usb.c
@@ -977,6 +977,7 @@ static struct usb_device_id rt2800usb_device_table[] = {
{ USB_DEVICE(0x0411, 0x016f) },
{ USB_DEVICE(0x0411, 0x01a2) },
{ USB_DEVICE(0x0411, 0x01ee) },
+ { USB_DEVICE(0x0411, 0x01a8) },
/* Corega */
{ USB_DEVICE(0x07aa, 0x002f) },
{ USB_DEVICE(0x07aa, 0x003c) },
--
1.8.3.1
^ permalink raw reply related
* Re: [PATCH] tipc: set sk_err correctly when connection fails
From: Erik Hugne @ 2013-08-27 15:18 UTC (permalink / raw)
To: Paul Gortmaker; +Cc: netdev, jon.maloy, ying.xue, tipc-discussion, nhan.tt.vo
In-Reply-To: <521CA797.2010109@windriver.com>
On Tue, Aug 27, 2013 at 09:20:23AM -0400, Paul Gortmaker wrote:
> What was the high level user visible symptom in this case?
> Stalled connections or ... ?
Should the connect fail, if the publication/server is unavailable or some other
error. The connect() call returns the error code directly (as a positive value).
[...]
socket(0x1e /* PF_??? */, SOCK_SEQPACKET, 0) = 3
setsockopt(3, 0x10f /* SOL_?? */, 129, [0], 4) = 0
setsockopt(3, 0x10f /* SOL_?? */, 127, [0], 4) = 0
connect(3, {sa_family=0x1e /* AF_??? */, sa_data="\2\1\322\4\0\0\322\4\0\0\0\0\0\0"}, 16) = 111
sendto(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 66000, 0, NULL, 0) = -1 EPIPE (Broken pipe)
In the strace above, error checking was done as:
if (connect(fd,.....) < 0)
perror("connect");
//E
^ permalink raw reply
* [PATCH] virtio-net: Set RXCSUM feature if GUEST_CSUM is available
From: Thomas Huth @ 2013-08-27 15:09 UTC (permalink / raw)
To: virtualization; +Cc: netdev, Thomas Huth
If the VIRTIO_NET_F_GUEST_CSUM virtio feature is available, the guest
does not have to calculate the checksums on all received packets. This
is pretty much the same feature as RX checksum offloading on real
network cards, so the virtio-net driver should report this by setting
the NETIF_F_RXCSUM flag. When the user now runs "ethtool -k", he or she
can see whether the virtio-net interface has to calculate RX checksums
or not.
Signed-off-by: Thomas Huth <thuth@linux.vnet.ibm.com>
---
drivers/net/virtio_net.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index f216002..defec2b 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -1538,6 +1538,8 @@ static int virtnet_probe(struct virtio_device *vdev)
dev->features |= dev->hw_features & (NETIF_F_ALL_TSO|NETIF_F_UFO);
/* (!csum && gso) case will be fixed by register_netdev() */
}
+ if (virtio_has_feature(vdev, VIRTIO_NET_F_GUEST_CSUM))
+ dev->features |= NETIF_F_RXCSUM;
dev->vlan_features = dev->features;
--
1.8.1.4
^ permalink raw reply related
* Re: niu lock-up (Transmit timed out, resetting) and NETDEV WATCHDOG
From: Andrew Brooks @ 2013-08-27 15:01 UTC (permalink / raw)
To: Linux Net-Dev Mailing List, Linux Kernel Mailing List
In-Reply-To: <CAHOfOo0kdByd3T0LL4tBpy-aFtJS6bRK7D=rPc6Si0iv03CLKQ@mail.gmail.com>
Hi
> On 26 March 2013 13:44, Andrew Brooks <arb@sat.dundee.ac.uk> wrote:
>> Using niu driver for this card: Oracle/SUN Multithreaded 10-Gigabit
>> Ethernet Network Controller and after a period the interface will hang
>> with errors every 5 seconds
>> "niu: xxx: eth2: Transmit timed out, resetting"
Here's more information about the problem:
When the interface hangs we see these messages from the driver:
[3408740.816032] niu: niu_interrupt() ldg[ffff8807141d16d0](18)
v0[8000000000] v1[0] v2[0]
[3408740.816036] niu 0000:09:00.0: eth2: niu_txchan_intr() cs[b860b860000c000]
[3408740.816038] niu 0000:09:00.0: eth2: niu_poll_core() v0[0000008000000000]
[3408740.816040] niu 0000:09:00.0: eth2: niu_tx_work() pkt_cnt[0] cons[119]
[3408740.816042] niu: niu_interrupt() ldg[ffff8807141d16d0](18)
v0[8000000000] v1[0] v2[0]
[3408740.820004] [sched_delayed] sched: RT throttling activated
[3408740.824021] niu 0000:09:00.0: eth2: Disable interrupts
[3408740.824044] niu 0000:09:00.0: eth2: Disable RX MAC
[3408740.824048] niu 0000:09:00.0: eth2: Disable IPP
[3408740.824054] niu 0000:09:00.0: eth2: Stop TX channels
[3408740.824641] niu 0000:09:00.0: eth2: Stop RX channels
[3408740.824652] niu 0000:09:00.0: eth2: Reset TX channels
[3408740.825212] niu 0000:09:00.0: eth2: Reset RX channels
[3408740.825999] niu 0000:09:00.0: eth2: Initialize TXC
[3408740.826002] niu 0000:09:00.0: eth2: Initialize TX channels
However the interface doesn't recover :-(
Are there any clues there?
Thanks!
^ permalink raw reply
* [PATCH net-next v3] net: sctp: sctp_verify_init: clean up mandatory checks and add comment
From: Daniel Borkmann @ 2013-08-27 14:53 UTC (permalink / raw)
To: davem; +Cc: netdev, linux-sctp
Add a comment related to RFC4960 explaning why we do not check for initial
TSN, and while at it, remove yoda notation checks and clean up code from
checks of mandatory conditions. That's probably just really minor, but makes
reviewing easier.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
---
v1->v2: update comment as Neil suggested
v2->v3: fix stupid typo in comment in range spotted by Sergei
net/sctp/sm_make_chunk.c | 26 ++++++++++++--------------
1 file changed, 12 insertions(+), 14 deletions(-)
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 01e9783..e1c1531 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -2240,25 +2240,23 @@ int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
struct sctp_chunk **errp)
{
union sctp_params param;
- int has_cookie = 0;
+ bool has_cookie = false;
int result;
- /* Verify stream values are non-zero. */
- if ((0 == peer_init->init_hdr.num_outbound_streams) ||
- (0 == peer_init->init_hdr.num_inbound_streams) ||
- (0 == peer_init->init_hdr.init_tag) ||
- (SCTP_DEFAULT_MINWINDOW > ntohl(peer_init->init_hdr.a_rwnd))) {
-
+ /* Check for missing mandatory parameters. Note: Initial TSN is
+ * also mandatory, but is not checked here since the valid range
+ * is 0..2**32-1. RFC4960, section 3.3.3.
+ */
+ if (peer_init->init_hdr.num_outbound_streams == 0 ||
+ peer_init->init_hdr.num_inbound_streams == 0 ||
+ peer_init->init_hdr.init_tag == 0 ||
+ ntohl(peer_init->init_hdr.a_rwnd) < SCTP_DEFAULT_MINWINDOW)
return sctp_process_inv_mandatory(asoc, chunk, errp);
- }
- /* Check for missing mandatory parameters. */
sctp_walk_params(param, peer_init, init_hdr.params) {
-
- if (SCTP_PARAM_STATE_COOKIE == param.p->type)
- has_cookie = 1;
-
- } /* for (loop through all parameters) */
+ if (param.p->type == SCTP_PARAM_STATE_COOKIE)
+ has_cookie = true;
+ }
/* There is a possibility that a parameter length was bad and
* in that case we would have stoped walking the parameters.
--
1.7.11.7
^ permalink raw reply related
* [PATCH 3/3] Send cgroup_path in SCM_CGROUP
From: Jan Kaluza @ 2013-08-27 14:40 UTC (permalink / raw)
To: davem; +Cc: LKML, netdev, eparis, rgb, Jan Kaluza
In-Reply-To: <1377614400-27122-1-git-send-email-jkaluza@redhat.com>
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
---
include/linux/socket.h | 1 +
include/net/af_unix.h | 1 +
include/net/scm.h | 15 +++++++++++++++
net/core/scm.c | 18 ++++++++++++++++++
net/unix/af_unix.c | 20 ++++++++++++++++++++
5 files changed, 55 insertions(+)
diff --git a/include/linux/socket.h b/include/linux/socket.h
index 6c7ace0..621fff1 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -133,6 +133,7 @@ static inline struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr
#define SCM_AUDIT 0x04 /* rw: struct uaudit */
#define SCM_PROCINFO 0x05 /* rw: comm + cmdline (NULL terminated
array of char *) */
+#define SCM_CGROUP 0x06 /* rw: cgroup path */
struct ucred {
__u32 pid;
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 05c7678..c49bf35 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -32,6 +32,7 @@ struct unix_skb_parms_scm {
unsigned int sessionid;
char *procinfo;
int procinfo_len;
+ char *cgroup_path;
};
struct unix_skb_parms {
diff --git a/include/net/scm.h b/include/net/scm.h
index 3346030..5398826 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -41,6 +41,7 @@ struct scm_cookie {
struct scm_creds creds; /* Skb credentials */
struct scm_audit audit; /* Skb audit */
struct scm_procinfo procinfo; /* Skb procinfo */
+ char *cgroup_path;
#ifdef CONFIG_SECURITY_NETWORK
u32 secid; /* Passed security ID */
#endif
@@ -52,6 +53,7 @@ extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie
extern void __scm_destroy(struct scm_cookie *scm);
extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
extern int scm_get_current_procinfo(char **procinfo);
+extern int scm_get_current_cgroup_path(char **cgroup_path);
#ifdef CONFIG_SECURITY_NETWORK
static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
@@ -86,6 +88,12 @@ static inline void scm_set_procinfo(struct scm_cookie *scm,
scm->procinfo.len = len;
}
+static inline void scm_set_cgroup_path(struct scm_cookie *scm,
+ char *cgroup_path)
+{
+ scm->cgroup_path = cgroup_path;
+}
+
static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
{
put_pid(scm->pid);
@@ -140,6 +148,9 @@ static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct sc
security_release_secctx(secdata, seclen);
}
}
+
+ kfree(scm->cgroup_path);
+ scm->cgroup_path = NULL;
}
#else
static inline void scm_passec(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm)
@@ -172,6 +183,10 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
put_cmsg(msg, SOL_SOCKET, SCM_AUDIT, sizeof(uaudits), &uaudits);
put_cmsg(msg, SOL_SOCKET, SCM_PROCINFO, scm->procinfo.len,
scm->procinfo.procinfo);
+ if (scm->cgroup_path) {
+ put_cmsg(msg, SOL_SOCKET, SCM_CGROUP,
+ strlen(scm->cgroup_path), scm->cgroup_path);
+ }
}
scm_destroy_cred(scm);
diff --git a/net/core/scm.c b/net/core/scm.c
index 09ec044..2d408b9 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -404,3 +404,21 @@ out:
return res;
}
EXPORT_SYMBOL(scm_get_current_procinfo);
+
+int scm_get_current_cgroup_path(char **cgroup_path)
+{
+ int ret = 0;
+
+ *cgroup_path = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ if (!(*cgroup_path))
+ return -ENOMEM;
+
+ ret = task_cgroup_path(current, *cgroup_path, PAGE_SIZE);
+ if (ret < 0) {
+ kfree(*cgroup_path);
+ *cgroup_path = NULL;
+ }
+
+ return ret;
+}
+EXPORT_SYMBOL(scm_get_current_cgroup_path);
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index ab0be13..b638083 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1344,6 +1344,7 @@ static void unix_destruct_scm(struct sk_buff *skb)
if (UNIXCB(skb).scm) {
scm.procinfo.procinfo = UNIXSCM(skb).procinfo;
scm.procinfo.len = UNIXSCM(skb).procinfo_len;
+ scm.cgroup_path = UNIXSCM(skb).cgroup_path;
}
if (UNIXCB(skb).fp)
unix_detach_fds(&scm, skb);
@@ -1420,6 +1421,14 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
return -ENOMEM;
}
+ UNIXSCM(skb).cgroup_path = NULL;
+ if (scm->cgroup_path) {
+ UNIXSCM(skb).cgroup_path = kstrdup(scm->cgroup_path,
+ GFP_KERNEL);
+ if (!UNIXSCM(skb).cgroup_path)
+ return -ENOMEM;
+ }
+
skb->destructor = unix_destruct_scm;
return err;
}
@@ -1443,6 +1452,7 @@ static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
UNIXSCM(skb).sessionid = audit_get_sessionid(current);
UNIXSCM(skb).procinfo_len = scm_get_current_procinfo(
&UNIXSCM(skb).procinfo);
+ scm_get_current_cgroup_path(&UNIXSCM(skb).cgroup_path);
}
}
@@ -1849,6 +1859,11 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
GFP_KERNEL),
UNIXSCM(skb).procinfo_len);
}
+ if (UNIXSCM(skb).cgroup_path) {
+ scm_set_cgroup_path(siocb->scm,
+ kstrdup(UNIXSCM(skb).cgroup_path,
+ GFP_KERNEL));
+ }
}
unix_set_secdata(siocb->scm, skb);
@@ -2042,6 +2057,11 @@ again:
GFP_KERNEL),
UNIXSCM(skb).procinfo_len);
}
+ if (UNIXSCM(skb).cgroup_path) {
+ scm_set_cgroup_path(siocb->scm,
+ kstrdup(UNIXSCM(skb).cgroup_path,
+ GFP_KERNEL));
+ }
}
check_creds = 1;
}
--
1.8.3.1
^ permalink raw reply related
* [PATCH 2/3] Send comm and cmdline in SCM_PROCINFO
From: Jan Kaluza @ 2013-08-27 14:39 UTC (permalink / raw)
To: davem; +Cc: LKML, netdev, eparis, rgb, Jan Kaluza
In-Reply-To: <1377614400-27122-1-git-send-email-jkaluza@redhat.com>
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
---
include/linux/socket.h | 2 ++
include/net/af_unix.h | 11 +++++++--
include/net/scm.h | 24 +++++++++++++++++++
net/core/scm.c | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++
net/unix/af_unix.c | 57 +++++++++++++++++++++++++++++++++++++------
5 files changed, 150 insertions(+), 9 deletions(-)
diff --git a/include/linux/socket.h b/include/linux/socket.h
index 505047a..6c7ace0 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -131,6 +131,8 @@ static inline struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr
#define SCM_CREDENTIALS 0x02 /* rw: struct ucred */
#define SCM_SECURITY 0x03 /* rw: security label */
#define SCM_AUDIT 0x04 /* rw: struct uaudit */
+#define SCM_PROCINFO 0x05 /* rw: comm + cmdline (NULL terminated
+ array of char *) */
struct ucred {
__u32 pid;
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index 3b9d22a..05c7678 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -27,6 +27,13 @@ struct unix_address {
struct sockaddr_un name[0];
};
+struct unix_skb_parms_scm {
+ kuid_t loginuid;
+ unsigned int sessionid;
+ char *procinfo;
+ int procinfo_len;
+};
+
struct unix_skb_parms {
struct pid *pid; /* Skb credentials */
kuid_t uid;
@@ -36,12 +43,12 @@ struct unix_skb_parms {
u32 secid; /* Security ID */
#endif
u32 consumed;
- kuid_t loginuid;
- unsigned int sessionid;
+ struct unix_skb_parms_scm *scm;
};
#define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb))
#define UNIXSID(skb) (&UNIXCB((skb)).secid)
+#define UNIXSCM(skb) (*(UNIXCB((skb)).scm))
#define unix_state_lock(s) spin_lock(&unix_sk(s)->lock)
#define unix_state_unlock(s) spin_unlock(&unix_sk(s)->lock)
diff --git a/include/net/scm.h b/include/net/scm.h
index e349a25..3346030 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -30,11 +30,17 @@ struct scm_fp_list {
struct file *fp[SCM_MAX_FD];
};
+struct scm_procinfo {
+ char *procinfo;
+ int len;
+};
+
struct scm_cookie {
struct pid *pid; /* Skb credentials */
struct scm_fp_list *fp; /* Passed files */
struct scm_creds creds; /* Skb credentials */
struct scm_audit audit; /* Skb audit */
+ struct scm_procinfo procinfo; /* Skb procinfo */
#ifdef CONFIG_SECURITY_NETWORK
u32 secid; /* Passed security ID */
#endif
@@ -45,6 +51,7 @@ extern void scm_detach_fds_compat(struct msghdr *msg, struct scm_cookie *scm);
extern int __scm_send(struct socket *sock, struct msghdr *msg, struct scm_cookie *scm);
extern void __scm_destroy(struct scm_cookie *scm);
extern struct scm_fp_list * scm_fp_dup(struct scm_fp_list *fpl);
+extern int scm_get_current_procinfo(char **procinfo);
#ifdef CONFIG_SECURITY_NETWORK
static __inline__ void unix_get_peersec_dgram(struct socket *sock, struct scm_cookie *scm)
@@ -72,10 +79,20 @@ static inline void scm_set_audit(struct scm_cookie *scm,
scm->audit.sessionid = sessionid;
}
+static inline void scm_set_procinfo(struct scm_cookie *scm,
+ char *procinfo, int len)
+{
+ scm->procinfo.procinfo = procinfo;
+ scm->procinfo.len = len;
+}
+
static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
{
put_pid(scm->pid);
scm->pid = NULL;
+ kfree(scm->procinfo.procinfo);
+ scm->procinfo.procinfo = NULL;
+ scm->procinfo.len = 0;
}
static __inline__ void scm_destroy(struct scm_cookie *scm)
@@ -88,6 +105,8 @@ static __inline__ void scm_destroy(struct scm_cookie *scm)
static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
struct scm_cookie *scm, bool forcecreds)
{
+ char *procinfo;
+ int len;
memset(scm, 0, sizeof(*scm));
scm->creds.uid = INVALID_UID;
scm->creds.gid = INVALID_GID;
@@ -96,6 +115,9 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
current_gid());
scm_set_audit(scm, audit_get_loginuid(current),
audit_get_sessionid(current));
+ len = scm_get_current_procinfo(&procinfo);
+ if (len > 0)
+ scm_set_procinfo(scm, procinfo, len);
}
unix_get_peersec_dgram(sock, scm);
if (msg->msg_controllen <= 0)
@@ -148,6 +170,8 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
};
put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
put_cmsg(msg, SOL_SOCKET, SCM_AUDIT, sizeof(uaudits), &uaudits);
+ put_cmsg(msg, SOL_SOCKET, SCM_PROCINFO, scm->procinfo.len,
+ scm->procinfo.procinfo);
}
scm_destroy_cred(scm);
diff --git a/net/core/scm.c b/net/core/scm.c
index 03795d0..09ec044 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -339,3 +339,68 @@ struct scm_fp_list *scm_fp_dup(struct scm_fp_list *fpl)
return new_fpl;
}
EXPORT_SYMBOL(scm_fp_dup);
+
+int scm_get_current_procinfo(char **procinfo)
+{
+ int res = 0;
+ unsigned int len;
+ char *buffer = NULL;
+ struct mm_struct *mm;
+ int comm_len = strlen(current->comm);
+
+ *procinfo = NULL;
+
+ buffer = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ if (!buffer)
+ return -ENOMEM;
+
+ mm = get_task_mm(current);
+ if (!mm)
+ goto out;
+ if (!mm->arg_end)
+ goto out_mm; /* Shh! No looking before we're done */
+
+ len = mm->arg_end - mm->arg_start;
+
+ if (len > PAGE_SIZE)
+ len = PAGE_SIZE;
+
+ res = access_process_vm(current, mm->arg_start, buffer, len, 0);
+
+ /* If the nul at the end of args has been overwritten, then
+ * assume application is using setproctitle(3).
+ */
+ if (res > 0 && buffer[res-1] != '\0' && len < PAGE_SIZE) {
+ len = strnlen(buffer, res);
+ if (len < res) {
+ res = len;
+ } else {
+ len = mm->env_end - mm->env_start;
+ if (len > PAGE_SIZE - res)
+ len = PAGE_SIZE - res;
+ res += access_process_vm(current, mm->env_start,
+ buffer+res, len, 0);
+ res = strnlen(buffer, res);
+ }
+ }
+
+ /* strlen(comm) + \0 + len of cmdline */
+ len = comm_len + 1 + res;
+ *procinfo = kmalloc(len, GFP_KERNEL);
+ if (!*procinfo) {
+ res = -ENOMEM;
+ goto out_mm;
+ }
+
+ memcpy(*procinfo, current->comm, comm_len + 1); /* include \0 */
+ if (res > 0)
+ memcpy(*procinfo + comm_len + 1, buffer, res);
+ res = len;
+
+out_mm:
+ mmput(mm);
+out:
+ kfree(buffer);
+ return res;
+}
+EXPORT_SYMBOL(scm_get_current_procinfo);
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index c410f76..ab0be13 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1341,9 +1341,14 @@ static void unix_destruct_scm(struct sk_buff *skb)
struct scm_cookie scm;
memset(&scm, 0, sizeof(scm));
scm.pid = UNIXCB(skb).pid;
+ if (UNIXCB(skb).scm) {
+ scm.procinfo.procinfo = UNIXSCM(skb).procinfo;
+ scm.procinfo.len = UNIXSCM(skb).procinfo_len;
+ }
if (UNIXCB(skb).fp)
unix_detach_fds(&scm, skb);
+ kfree(UNIXCB(skb).scm);
/* Alas, it calls VFS */
/* So fscking what? fput() had been SMP-safe since the last Summer */
scm_destroy(&scm);
@@ -1390,15 +1395,31 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
{
int err = 0;
+ if (!UNIXCB(skb).scm) {
+ UNIXCB(skb).scm = kmalloc(sizeof(struct unix_skb_parms_scm),
+ GFP_KERNEL);
+ if (!UNIXCB(skb).scm)
+ return -ENOMEM;
+ }
+
UNIXCB(skb).pid = get_pid(scm->pid);
UNIXCB(skb).uid = scm->creds.uid;
UNIXCB(skb).gid = scm->creds.gid;
- UNIXCB(skb).loginuid = scm->audit.loginuid;
- UNIXCB(skb).sessionid = scm->audit.sessionid;
+ UNIXSCM(skb).loginuid = scm->audit.loginuid;
+ UNIXSCM(skb).sessionid = scm->audit.sessionid;
UNIXCB(skb).fp = NULL;
if (scm->fp && send_fds)
err = unix_attach_fds(scm, skb);
+ UNIXSCM(skb).procinfo = NULL;
+ if (scm->procinfo.procinfo) {
+ UNIXSCM(skb).procinfo_len = scm->procinfo.len;
+ UNIXSCM(skb).procinfo = kmemdup(scm->procinfo.procinfo,
+ scm->procinfo.len, GFP_KERNEL);
+ if (!UNIXSCM(skb).procinfo)
+ return -ENOMEM;
+ }
+
skb->destructor = unix_destruct_scm;
return err;
}
@@ -1418,8 +1439,10 @@ static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
test_bit(SOCK_PASSCRED, &other->sk_socket->flags)) {
UNIXCB(skb).pid = get_pid(task_tgid(current));
current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid);
- UNIXCB(skb).loginuid = audit_get_loginuid(current);
- UNIXCB(skb).sessionid = audit_get_sessionid(current);
+ UNIXSCM(skb).loginuid = audit_get_loginuid(current);
+ UNIXSCM(skb).sessionid = audit_get_sessionid(current);
+ UNIXSCM(skb).procinfo_len = scm_get_current_procinfo(
+ &UNIXSCM(skb).procinfo);
}
}
@@ -1816,7 +1839,17 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
memset(&tmp_scm, 0, sizeof(tmp_scm));
}
scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
- scm_set_audit(siocb->scm, UNIXCB(skb).loginuid, UNIXCB(skb).sessionid);
+ if (UNIXCB(skb).scm) {
+ scm_set_audit(siocb->scm, UNIXSCM(skb).loginuid,
+ UNIXSCM(skb).sessionid);
+ if (UNIXSCM(skb).procinfo) {
+ scm_set_procinfo(siocb->scm,
+ kmemdup(UNIXSCM(skb).procinfo,
+ UNIXSCM(skb).procinfo_len,
+ GFP_KERNEL),
+ UNIXSCM(skb).procinfo_len);
+ }
+ }
unix_set_secdata(siocb->scm, skb);
if (!(flags & MSG_PEEK)) {
@@ -1998,8 +2031,18 @@ again:
} else if (test_bit(SOCK_PASSCRED, &sock->flags)) {
/* Copy credentials */
scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
- scm_set_audit(siocb->scm, UNIXCB(skb).loginuid,
- UNIXCB(skb).sessionid);
+ if (UNIXCB(skb).scm) {
+ scm_set_audit(siocb->scm,
+ UNIXSCM(skb).loginuid,
+ UNIXSCM(skb).sessionid);
+ if (UNIXSCM(skb).procinfo) {
+ scm_set_procinfo(siocb->scm,
+ kmemdup(UNIXSCM(skb).procinfo,
+ UNIXSCM(skb).procinfo_len,
+ GFP_KERNEL),
+ UNIXSCM(skb).procinfo_len);
+ }
+ }
check_creds = 1;
}
--
1.8.3.1
^ permalink raw reply related
* [PATCH 1/3] Send loginuid and sessionid in SCM_AUDIT
From: Jan Kaluza @ 2013-08-27 14:39 UTC (permalink / raw)
To: davem; +Cc: LKML, netdev, eparis, rgb, Jan Kaluza
In-Reply-To: <1377614400-27122-1-git-send-email-jkaluza@redhat.com>
Signed-off-by: Jan Kaluza <jkaluza@redhat.com>
---
include/linux/socket.h | 6 ++++++
include/net/af_unix.h | 2 ++
include/net/scm.h | 28 ++++++++++++++++++++++++++--
net/unix/af_unix.c | 7 +++++++
4 files changed, 41 insertions(+), 2 deletions(-)
diff --git a/include/linux/socket.h b/include/linux/socket.h
index 445ef75..505047a 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -130,6 +130,7 @@ static inline struct cmsghdr * cmsg_nxthdr (struct msghdr *__msg, struct cmsghdr
#define SCM_RIGHTS 0x01 /* rw: access rights (array of int) */
#define SCM_CREDENTIALS 0x02 /* rw: struct ucred */
#define SCM_SECURITY 0x03 /* rw: security label */
+#define SCM_AUDIT 0x04 /* rw: struct uaudit */
struct ucred {
__u32 pid;
@@ -137,6 +138,11 @@ struct ucred {
__u32 gid;
};
+struct uaudit {
+ __u32 loginuid;
+ __u32 sessionid;
+};
+
/* Supported address families. */
#define AF_UNSPEC 0
#define AF_UNIX 1 /* Unix domain sockets */
diff --git a/include/net/af_unix.h b/include/net/af_unix.h
index a175ba4..3b9d22a 100644
--- a/include/net/af_unix.h
+++ b/include/net/af_unix.h
@@ -36,6 +36,8 @@ struct unix_skb_parms {
u32 secid; /* Security ID */
#endif
u32 consumed;
+ kuid_t loginuid;
+ unsigned int sessionid;
};
#define UNIXCB(skb) (*(struct unix_skb_parms *)&((skb)->cb))
diff --git a/include/net/scm.h b/include/net/scm.h
index 8de2d37..e349a25 100644
--- a/include/net/scm.h
+++ b/include/net/scm.h
@@ -6,6 +6,7 @@
#include <linux/security.h>
#include <linux/pid.h>
#include <linux/nsproxy.h>
+#include <linux/audit.h>
/* Well, we should have at least one descriptor open
* to accept passed FDs 8)
@@ -18,6 +19,11 @@ struct scm_creds {
kgid_t gid;
};
+struct scm_audit {
+ kuid_t loginuid;
+ unsigned int sessionid;
+};
+
struct scm_fp_list {
short count;
short max;
@@ -28,6 +34,7 @@ struct scm_cookie {
struct pid *pid; /* Skb credentials */
struct scm_fp_list *fp; /* Passed files */
struct scm_creds creds; /* Skb credentials */
+ struct scm_audit audit; /* Skb audit */
#ifdef CONFIG_SECURITY_NETWORK
u32 secid; /* Passed security ID */
#endif
@@ -58,6 +65,13 @@ static __inline__ void scm_set_cred(struct scm_cookie *scm,
scm->creds.gid = gid;
}
+static inline void scm_set_audit(struct scm_cookie *scm,
+ kuid_t loginuid, unsigned int sessionid)
+{
+ scm->audit.loginuid = loginuid;
+ scm->audit.sessionid = sessionid;
+}
+
static __inline__ void scm_destroy_cred(struct scm_cookie *scm)
{
put_pid(scm->pid);
@@ -77,8 +91,12 @@ static __inline__ int scm_send(struct socket *sock, struct msghdr *msg,
memset(scm, 0, sizeof(*scm));
scm->creds.uid = INVALID_UID;
scm->creds.gid = INVALID_GID;
- if (forcecreds)
- scm_set_cred(scm, task_tgid(current), current_uid(), current_gid());
+ if (forcecreds) {
+ scm_set_cred(scm, task_tgid(current), current_uid(),
+ current_gid());
+ scm_set_audit(scm, audit_get_loginuid(current),
+ audit_get_sessionid(current));
+ }
unix_get_peersec_dgram(sock, scm);
if (msg->msg_controllen <= 0)
return 0;
@@ -123,7 +141,13 @@ static __inline__ void scm_recv(struct socket *sock, struct msghdr *msg,
.uid = from_kuid_munged(current_ns, scm->creds.uid),
.gid = from_kgid_munged(current_ns, scm->creds.gid),
};
+ struct uaudit uaudits = {
+ .loginuid = from_kuid_munged(current_ns,
+ scm->audit.loginuid),
+ .sessionid = scm->audit.sessionid,
+ };
put_cmsg(msg, SOL_SOCKET, SCM_CREDENTIALS, sizeof(ucreds), &ucreds);
+ put_cmsg(msg, SOL_SOCKET, SCM_AUDIT, sizeof(uaudits), &uaudits);
}
scm_destroy_cred(scm);
diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c
index 86de99a..c410f76 100644
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1393,6 +1393,8 @@ static int unix_scm_to_skb(struct scm_cookie *scm, struct sk_buff *skb, bool sen
UNIXCB(skb).pid = get_pid(scm->pid);
UNIXCB(skb).uid = scm->creds.uid;
UNIXCB(skb).gid = scm->creds.gid;
+ UNIXCB(skb).loginuid = scm->audit.loginuid;
+ UNIXCB(skb).sessionid = scm->audit.sessionid;
UNIXCB(skb).fp = NULL;
if (scm->fp && send_fds)
err = unix_attach_fds(scm, skb);
@@ -1416,6 +1418,8 @@ static void maybe_add_creds(struct sk_buff *skb, const struct socket *sock,
test_bit(SOCK_PASSCRED, &other->sk_socket->flags)) {
UNIXCB(skb).pid = get_pid(task_tgid(current));
current_uid_gid(&UNIXCB(skb).uid, &UNIXCB(skb).gid);
+ UNIXCB(skb).loginuid = audit_get_loginuid(current);
+ UNIXCB(skb).sessionid = audit_get_sessionid(current);
}
}
@@ -1812,6 +1816,7 @@ static int unix_dgram_recvmsg(struct kiocb *iocb, struct socket *sock,
memset(&tmp_scm, 0, sizeof(tmp_scm));
}
scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
+ scm_set_audit(siocb->scm, UNIXCB(skb).loginuid, UNIXCB(skb).sessionid);
unix_set_secdata(siocb->scm, skb);
if (!(flags & MSG_PEEK)) {
@@ -1993,6 +1998,8 @@ again:
} else if (test_bit(SOCK_PASSCRED, &sock->flags)) {
/* Copy credentials */
scm_set_cred(siocb->scm, UNIXCB(skb).pid, UNIXCB(skb).uid, UNIXCB(skb).gid);
+ scm_set_audit(siocb->scm, UNIXCB(skb).loginuid,
+ UNIXCB(skb).sessionid);
check_creds = 1;
}
--
1.8.3.1
^ permalink raw reply related
* [PATCH 0/3] Send audit/procinfo/cgroup data in socket-level control message
From: Jan Kaluza @ 2013-08-27 14:39 UTC (permalink / raw)
To: davem; +Cc: LKML, netdev, eparis, rgb, Jan Kaluza
Hi,
this patchset against net-next (applies also to linux-next) adds 3 new types
of "Socket"-level control message (SCM_AUDIT, SCM_PROCINFO and SCM_CGROUP).
This is needed by journald (logging daemon used as part of systemd ecosystem)
to get additional context together with log messages received using UNIX socket.
Jan Kaluza (3):
Send loginuid and sessionid in SCM_AUDIT
Send comm and cmdline in SCM_PROCINFO
Send cgroup_path in SCM_CGROUP
include/linux/socket.h | 9 ++++++
include/net/af_unix.h | 10 ++++++
include/net/scm.h | 67 ++++++++++++++++++++++++++++++++++++++--
net/core/scm.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++
net/unix/af_unix.c | 70 ++++++++++++++++++++++++++++++++++++++++++
5 files changed, 237 insertions(+), 2 deletions(-)
--
1.8.3.1
^ permalink raw reply
* Re: [PATCH net-next v2] net: sctp: sctp_verify_init: clean up mandatory checks and add comment
From: Sergei Shtylyov @ 2013-08-27 14:23 UTC (permalink / raw)
To: Daniel Borkmann; +Cc: davem, netdev, linux-sctp
In-Reply-To: <1377612363-10779-1-git-send-email-dborkman@redhat.com>
Hello.
On 27-08-2013 18:06, Daniel Borkmann wrote:
> Add a comment related to RFC4960 explaning why we do not check for initial
> TSN, and while at it, remove yoda notation checks and clean up code from
> checks of mandatory conditions. That's probably just really minor, but makes
> reviewing easier.
> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
> ---
> v1->v2: update comment as Neil suggested
> net/sctp/sm_make_chunk.c | 26 ++++++++++++--------------
> 1 file changed, 12 insertions(+), 14 deletions(-)
> diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
> index 01e9783..e1c1531 100644
> --- a/net/sctp/sm_make_chunk.c
> +++ b/net/sctp/sm_make_chunk.c
> @@ -2240,25 +2240,23 @@ int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
> struct sctp_chunk **errp)
> {
> union sctp_params param;
> - int has_cookie = 0;
> + bool has_cookie = false;
> int result;
>
> - /* Verify stream values are non-zero. */
> - if ((0 == peer_init->init_hdr.num_outbound_streams) ||
> - (0 == peer_init->init_hdr.num_inbound_streams) ||
> - (0 == peer_init->init_hdr.init_tag) ||
> - (SCTP_DEFAULT_MINWINDOW > ntohl(peer_init->init_hdr.a_rwnd))) {
> -
> + /* Check for missing mandatory parameters. Note: Initial TSN is
> + * also mandatory, but is not checked here since the valid range
> + * is 0..2**(32-1). RFC4960, section 3.3.3.
I don't think you really meant 2**(32-1) == 2**31. Previously you wrote
2**32-1.
WBR, Sergei
^ permalink raw reply
* Re: [PATCH] net: fec: add the initial to set the physical mac address
From: Lucas Stach @ 2013-08-27 14:18 UTC (permalink / raw)
To: Fugang Duan
Cc: b20596, b45643, davem, netdev, shawn.guo, bhutchings, R49496,
stephen
In-Reply-To: <1377170269-8988-1-git-send-email-B38611@freescale.com>
Am Donnerstag, den 22.08.2013, 19:17 +0800 schrieb Fugang Duan:
> For imx6slx evk platform, the fec driver cannot work since there
> have no valid mac address set in physical mac registers.
>
> For imx serial platform, fec/enet IPs both need the physical MAC
> address initial, otherwise it cannot work.
>
> After acquiring the valid MAC address from devices tree/pfuse/
> kernel command line/random mac address, and then set it to the
> physical MAC address registers.
>
Yeah, we have also seen that we need to set this explicitly. The strange
thing is that I recall this used to work without calling
fec_set_mac_address() explicitly, so either the netdev core was calling
it at some point, or our userspace was. I didn't got around to
investigate this further.
So anyway:
Reviewed-by: Lucas Stach <l.stach@pengutronix.de>
> Signed-off-by: Fugang Duan <B38611@freescale.com>
> ---
> drivers/net/ethernet/freescale/fec_main.c | 9 ++++++---
> 1 files changed, 6 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/net/ethernet/freescale/fec_main.c b/drivers/net/ethernet/freescale/fec_main.c
> index 4349a9e..9b5e08c 100644
> --- a/drivers/net/ethernet/freescale/fec_main.c
> +++ b/drivers/net/ethernet/freescale/fec_main.c
> @@ -1867,10 +1867,12 @@ fec_set_mac_address(struct net_device *ndev, void *p)
> struct fec_enet_private *fep = netdev_priv(ndev);
> struct sockaddr *addr = p;
>
> - if (!is_valid_ether_addr(addr->sa_data))
> - return -EADDRNOTAVAIL;
> + if (p) {
> + if (!is_valid_ether_addr(addr->sa_data))
> + return -EADDRNOTAVAIL;
>
> - memcpy(ndev->dev_addr, addr->sa_data, ndev->addr_len);
> + memcpy(ndev->dev_addr, addr->sa_data, ndev->addr_len);
> + }
>
> writel(ndev->dev_addr[3] | (ndev->dev_addr[2] << 8) |
> (ndev->dev_addr[1] << 16) | (ndev->dev_addr[0] << 24),
> @@ -1969,6 +1971,7 @@ static int fec_enet_init(struct net_device *ndev)
>
> /* Get the Ethernet address */
> fec_get_mac(ndev);
> + fec_set_mac_address(ndev, NULL);
>
> /* Set receive and transmit descriptor base. */
> fep->rx_bd_base = cbd_base;
--
Pengutronix e.K. | Lucas Stach |
Industrial Linux Solutions | http://www.pengutronix.de/ |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-5076 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
^ permalink raw reply
* Re: [PATCH] ipv6:examine the IP source address legitimacy
From: Hannes Frederic Sowa @ 2013-08-27 14:20 UTC (permalink / raw)
To: Duan Jiong; +Cc: davem, netdev
In-Reply-To: <521C90A0.60708@cn.fujitsu.com>
On Tue, Aug 27, 2013 at 07:42:24PM +0800, Duan Jiong wrote:
> From: Duan Jiong <duanj.fnst@cn.fujitsu.com>
>
> RFC4861 8.1:
> The IP source address of the Redirect is the
> same as the current first-hop router for the
> specified ICMP Destination Address.
>
> Signed-off-by: Duan Jiong <duanj.fnst@cn.fujitsu.com>
> ---
> net/ipv6/route.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv6/route.c b/net/ipv6/route.c
> index 8d9a93e..d4f0f72 100644
> --- a/net/ipv6/route.c
> +++ b/net/ipv6/route.c
> @@ -1685,6 +1685,7 @@ static int ip6_route_del(struct fib6_config *cfg)
> static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
> {
> struct net *net = dev_net(skb->dev);
> + struct ipv6hdr *iph = ipv6_hdr(skb);
> struct netevent_redirect netevent;
> struct rt6_info *rt, *nrt = NULL;
> struct ndisc_options ndopts;
> @@ -1745,7 +1746,7 @@ static void rt6_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_bu
> }
>
> rt = (struct rt6_info *) dst;
> - if (rt == net->ipv6.ip6_null_entry) {
> + if (rt == net->ipv6.ip6_null_entry || !ipv6_addr_equal(&rt->rt6i_gateway, &iph->saddr)) {
> net_dbg_ratelimited("rt6_redirect: source isn't a valid nexthop for redirect target\n");
> return;
> }
Hmm, that's difficult...
There was once this check:
/*
* RFC 2461 specifies that redirects should only be
* accepted if they come from the nexthop to the target.
* Due to the way default routers are chosen, this notion
* is a bit fuzzy and one might need to check all default
* routers.
*/
if (!ipv6_addr_equal(saddr, &rt->rt6i_gateway)) {
if (rt->rt6i_flags & RTF_DEFAULT) {
struct rt6_info *rt1;
read_lock(&rt6_lock);
for (rt1 = ip6_routing_table.leaf; rt1; rt1 = rt1->u.next) {
if (ipv6_addr_equal(saddr, &rt1->rt6i_gateway)) {
dst_hold(&rt1->u.dst);
dst_release(&rt->u.dst);
read_unlock(&rt6_lock);
rt = rt1;
goto source_ok;
}
}
read_unlock(&rt6_lock);
}
if (net_ratelimit())
printk(KERN_DEBUG "rt6_redirect: source isn't a valid nexthop "
"for redirect target\n");
goto out;
}
And even got more complicated in commit
a6279458c534d01ccc39498aba61c93083ee0372 ("NDISC: Search over all possible
rules on receipt of redirect.").
Today we even have ECMP routes maybe making this decision even a bit
more complicated. But I agree, there should be a check, but it will be
a bit more complicated.
Greetings,
Hannes
^ permalink raw reply
* Re: [PATCH net-next v2] net: sctp: sctp_verify_init: clean up mandatory checks and add comment
From: Neil Horman @ 2013-08-27 14:11 UTC (permalink / raw)
To: Daniel Borkmann; +Cc: davem, netdev, linux-sctp
In-Reply-To: <1377612363-10779-1-git-send-email-dborkman@redhat.com>
On Tue, Aug 27, 2013 at 04:06:03PM +0200, Daniel Borkmann wrote:
> Add a comment related to RFC4960 explaning why we do not check for initial
> TSN, and while at it, remove yoda notation checks and clean up code from
> checks of mandatory conditions. That's probably just really minor, but makes
> reviewing easier.
>
> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Thanks Daniel
Acked-by: Neil Horman <nhorman@tuxdriver.com>
^ permalink raw reply
* Re: [PATCH RFC net-next] net: epoll support for busy poll
From: Amir Vadai @ 2013-08-27 14:11 UTC (permalink / raw)
To: Eliezer Tamir
Cc: Eliezer Tamir, Willem de Bruijn, Eilon Greenstein, Eric Wong,
netdev@vger.kernel.org, e1000-devel@lists.sourceforge.net,
Eric Dumazet, linux-kernel@vger.kernel.org, David Miller
In-Reply-To: <521AEFC2.9010201@linux.intel.com>
On 26/08/2013 09:03, Eliezer Tamir wrote:
> On 26/08/2013 00:30, Amir Vadai wrote:
>> I'm on vacation, will test and have some inputs later this week when I be
>> back.
>>
> Hello Amir,
>
> Ping me when you get back and I will send you my latest so you can
> play with it.
>
Hi Eliezer,
You can send the latest version, so I can play with it and get some numbers.
Thanks,
Amir
^ permalink raw reply
* [PATCH net-next v2] net: sctp: sctp_verify_init: clean up mandatory checks and add comment
From: Daniel Borkmann @ 2013-08-27 14:06 UTC (permalink / raw)
To: davem; +Cc: netdev, linux-sctp
Add a comment related to RFC4960 explaning why we do not check for initial
TSN, and while at it, remove yoda notation checks and clean up code from
checks of mandatory conditions. That's probably just really minor, but makes
reviewing easier.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
---
v1->v2: update comment as Neil suggested
net/sctp/sm_make_chunk.c | 26 ++++++++++++--------------
1 file changed, 12 insertions(+), 14 deletions(-)
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 01e9783..e1c1531 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -2240,25 +2240,23 @@ int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
struct sctp_chunk **errp)
{
union sctp_params param;
- int has_cookie = 0;
+ bool has_cookie = false;
int result;
- /* Verify stream values are non-zero. */
- if ((0 == peer_init->init_hdr.num_outbound_streams) ||
- (0 == peer_init->init_hdr.num_inbound_streams) ||
- (0 == peer_init->init_hdr.init_tag) ||
- (SCTP_DEFAULT_MINWINDOW > ntohl(peer_init->init_hdr.a_rwnd))) {
-
+ /* Check for missing mandatory parameters. Note: Initial TSN is
+ * also mandatory, but is not checked here since the valid range
+ * is 0..2**(32-1). RFC4960, section 3.3.3.
+ */
+ if (peer_init->init_hdr.num_outbound_streams == 0 ||
+ peer_init->init_hdr.num_inbound_streams == 0 ||
+ peer_init->init_hdr.init_tag == 0 ||
+ ntohl(peer_init->init_hdr.a_rwnd) < SCTP_DEFAULT_MINWINDOW)
return sctp_process_inv_mandatory(asoc, chunk, errp);
- }
- /* Check for missing mandatory parameters. */
sctp_walk_params(param, peer_init, init_hdr.params) {
-
- if (SCTP_PARAM_STATE_COOKIE == param.p->type)
- has_cookie = 1;
-
- } /* for (loop through all parameters) */
+ if (param.p->type == SCTP_PARAM_STATE_COOKIE)
+ has_cookie = true;
+ }
/* There is a possibility that a parameter length was bad and
* in that case we would have stoped walking the parameters.
--
1.7.11.7
^ permalink raw reply related
* Re: [PATCH net-next] net: sctp: sctp_verify_init: clean up mandatory checks and add comment
From: Daniel Borkmann @ 2013-08-27 13:59 UTC (permalink / raw)
To: Neil Horman; +Cc: davem, netdev, linux-sctp
In-Reply-To: <20130827134302.GB7619@hmsreliant.think-freely.org>
On 08/27/2013 03:43 PM, Neil Horman wrote:
> nit: If we're making this easier to review, I think the above would be easier to
> read if it said:
> Note: Initial TSN is also mandatory, but is not checked here since the valid
> range is 0..2**(32-1)
Ok, will send a v2 in a moment.
^ permalink raw reply
* Re: pcie_get_minimum_link returns 0 width
From: Bjorn Helgaas @ 2013-08-27 13:57 UTC (permalink / raw)
To: Yuval Mintz
Cc: jacob.e.keller@intel.com, linux-pci@vger.kernel.org,
netdev@vger.kernel.org, Jiang Liu
In-Reply-To: <979A8436335E3744ADCD3A9F2A2B68A52AD13FB9@SJEXCHMB10.corp.ad.broadcom.com>
[+cc Jiang]
On Tue, Aug 27, 2013 at 1:40 AM, Yuval Mintz <yuvalmin@broadcom.com> wrote:
>> On Mon, Aug 26, 2013 at 5:36 PM, Yuval Mintz <yuvalmin@broadcom.com>
>> wrote:
>> >> > Hi,
>> >> >
>> >> > I tried adding support for the newly added 'pcie_get_minimum_link' into
>> >> the
>> >> > bnx2x driver, but found out the some of my devices started showing
>> width
>> >> x0.
>> >> >
>> >> > By adding debug prints, I've found out there were devices up the chain
>> that
>> >> > Showed 0 when their PCI_EXP_LNKSTA was read by said function.
>> >> > However, when I tried looking via lspci the output claimed the width was
>> >> x4.
>> Looking at its implementation, one obvious difference is that
>> pcie_get_minimum_link() traverses up the hierarchy and keeps track of
>> the minimum values it finds. lspci, on the other hand, just reads
>> PCI_EXP_LNKSTA from a single device and decodes it.
>>
>> You said lspci reports x4 for every device from the Root Port all the
>> way down to your NIC, so I would think the minimum from
>> pcie_get_minimum_link() would be x4. But apparently it's not. Maybe
>> there's a bug in it. Can you post the complete "lspci -vv" output
>> along with your debug patch and output?
>>
>> Bjorn
>
> Here's the patch:
> ---
> drivers/pci/pci.c | 8 +++++++-
> 1 files changed, 7 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/pci/pci.c b/drivers/pci/pci.c
> index c71e78c..72cb87b 100644
> --- a/drivers/pci/pci.c
> +++ b/drivers/pci/pci.c
> @@ -3601,13 +3601,19 @@ int pcie_get_minimum_link(struct pci_dev *dev, enum pci_bus_speed *speed,
> enum pcie_link_width next_width;
>
> ret = pcie_capability_read_word(dev, PCI_EXP_LNKSTA, &lnksta);
> - if (ret)
> + if (ret) {
> + printk(KERN_ERR "Failed to Read LNKSTA\n");
> return ret;
> + }
>
> next_speed = pcie_link_speed[lnksta & PCI_EXP_LNKSTA_CLS];
> next_width = (lnksta & PCI_EXP_LNKSTA_NLW) >>
> PCI_EXP_LNKSTA_NLW_SHIFT;
>
> + printk(KERN_ERR "LnkSta %04x [%04x:%02x.%02x]\n",
> + lnksta, dev->bus->number, PCI_SLOT(dev->devfn),
> + PCI_FUNC(dev->devfn));
I think pcie_cap_has_lnkctl() is incorrect: it currently thinks only
Root Ports, Endpoints, and Legacy Endpoints have link registers. But
I think switch ports (Upstream Ports and Downstream Ports) also have
link registers (PCIe spec r3.0, sec 7.8). Jiang?
> if (next_speed < *speed)
> *speed = next_speed;
>
> --
> 1.7.1
>
> And here are the lscpi results for 09:00.0 and 0a:01.0
> (The two devices for which the loop returns 0 width):
>
> Sysfs do read [Pos 0, len 64]
> 09:00.0 Class 0604: Device 8086:3500 (rev 01)
> Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ Stepping- SERR+ FastB2B- DisINTx-
> Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
> Latency: 0, Cache Line Size: 64 bytes
> Bus: primary=09, secondary=0a, subordinate=11, sec-latency=0
> Memory behind bridge: fb800000-fd7fffff
> Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ <SERR- <PERR-
> BridgeCtl: Parity+ SERR+ NoISA- VGA- MAbort- >Reset- FastB2B-
> PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
> Capabilities: Sysfs do read [Pos 68, len 4]
> [44] Express (v1) Upstream Port, MSI 00
> Sysfs do read [Pos 72, len 16]
> DevCap: MaxPayload 256 bytes, PhantFunc 0, Latency L0s <64ns, L1 <1us
> ExtTag- AttnBtn- AttnInd- PwrInd- RBE- FLReset-SlotPowerLimit 0.000W
> DevCtl: Report errors: Correctable- Non-Fatal+ Fatal+ Unsupported-
> RlxdOrd- ExtTag- PhantFunc- AuxPwr- NoSnoop-
> MaxPayload 256 bytes, MaxReadReq 4096 bytes
> DevSta: CorrErr- UncorrErr- FatalErr+ UnsuppReq+ AuxPwr- TransPend-
> LnkCap: Port #0, Speed 2.5GT/s, Width x8, ASPM L0s, Latency L0 unlimited, L1 unlimited
> ClockPM- Surprise- LLActRep- BwNot-
> LnkCtl: ASPM Disabled; Disabled- Retrain- CommClk-
> ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
> LnkSta: Speed 2.5GT/s, Width x4, TrErr- Train- SlotClk+ DLActive- BWMgmt- ABWMgmt-
> Capabilities: Sysfs do read [Pos 112, len 4]
> [70] Power Management version 2
> Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA PME(D0+,D1-,D2-,D3hot+,D3cold+)
> Sysfs do read [Pos 116, len 4]
> Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME-
> Capabilities: Sysfs do read [Pos 128, len 4]
> [80] Sysfs do read [Pos 132, len 4]
> Subsystem: Device 0000:0000
> Sysfs do read [Pos 256, len 4]
> Capabilities: [100 v1] Advanced Error Reporting
> Sysfs do read [Pos 260, len 24]
> UESta: DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq+ ACSViol-
> UEMsk: DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq+ ACSViol-
> UESvrt: DLP+ SDES- TLP+ FCP+ CmpltTO+ CmpltAbrt+ UnxCmplt+ RxOF+ MalfTLP+ ECRC- UnsupReq+ ACSViol-
> CESta: RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr-
> CEMsk: RxErr+ BadTLP+ BadDLLP+ Rollover+ Timeout+ NonFatalErr-
> AERCap: First Error Pointer: 14, GenCap- CGenEn- ChkCap- ChkEn-
> Kernel driver in use: pcieport
> Kernel modules: shpchp
>
> Sysfs do read [Pos 0, len 64]
> 0a:01.0 Class 0604: Device 8086:3514 (rev 01)
> Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr+ Stepping- SERR+ FastB2B- DisINTx-
> Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
> Latency: 0, Cache Line Size: 64 bytes
> Bus: primary=0a, secondary=0e, subordinate=10, sec-latency=0
> Memory behind bridge: fb800000-fd7fffff
> Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort+ <SERR- <PERR-
> BridgeCtl: Parity+ SERR+ NoISA- VGA- MAbort- >Reset- FastB2B-
> PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
> Capabilities: Sysfs do read [Pos 68, len 4]
> [44] Express (v1) Downstream Port (Slot-), MSI 00
> Sysfs do read [Pos 72, len 16]
> DevCap: MaxPayload 256 bytes, PhantFunc 0, Latency L0s <64ns, L1 <1us
> ExtTag- RBE- FLReset-
> DevCtl: Report errors: Correctable- Non-Fatal+ Fatal+ Unsupported-
> RlxdOrd- ExtTag- PhantFunc- AuxPwr- NoSnoop-
> MaxPayload 256 bytes, MaxReadReq 4096 bytes
> DevSta: CorrErr- UncorrErr- FatalErr- UnsuppReq- AuxPwr- TransPend-
> LnkCap: Port #2, Speed 2.5GT/s, Width x4, ASPM L0s, Latency L0 unlimited, L1 unlimited
> ClockPM- Surprise- LLActRep- BwNot-
> LnkCtl: ASPM Disabled; Disabled- Retrain- CommClk-
> ExtSynch- ClockPM- AutWidDis- BWInt- AutBWInt-
> LnkSta: Speed 2.5GT/s, Width x4, TrErr- Train- SlotClk+ DLActive- BWMgmt- ABWMgmt-
> Capabilities: Sysfs do read [Pos 96, len 4]
> [60] MSI: Enable- Count=1/1 Maskable- 64bit+
> Sysfs do read [Pos 100, len 10]
> Address: 0000000000000000 Data: 0000
> Capabilities: Sysfs do read [Pos 112, len 4]
> [70] Power Management version 2
> Flags: PMEClk- DSI- D1- D2- AuxCurrent=0mA PME(D0+,D1-,D2-,D3hot+,D3cold+)
> Sysfs do read [Pos 116, len 4]
> Status: D0 NoSoftRst- PME-Enable- DSel=0 DScale=0 PME-
> Capabilities: Sysfs do read [Pos 128, len 4]
> [80] Sysfs do read [Pos 132, len 4]
> Subsystem: Device 0000:0000
> Sysfs do read [Pos 256, len 4]
> Capabilities: [100 v1] Advanced Error Reporting
> Sysfs do read [Pos 260, len 24]
> UESta: DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq- ACSViol-
> UEMsk: DLP- SDES- TLP- FCP- CmpltTO- CmpltAbrt- UnxCmplt- RxOF- MalfTLP- ECRC- UnsupReq+ ACSViol-
> UESvrt: DLP+ SDES- TLP+ FCP+ CmpltTO+ CmpltAbrt+ UnxCmplt+ RxOF+ MalfTLP+ ECRC- UnsupReq+ ACSViol-
> CESta: RxErr- BadTLP- BadDLLP- Rollover- Timeout- NonFatalErr-
> CEMsk: RxErr+ BadTLP+ BadDLLP+ Rollover+ Timeout+ NonFatalErr-
> AERCap: First Error Pointer: 00, GenCap- CGenEn- ChkCap- ChkEn-
> Kernel driver in use: pcieport
> Kernel modules: shpchp
>
> Thanks,
> Yuval
>
^ permalink raw reply
* Re: [PATCH 3/3] [RFC] TCP syncookies: only allow 3 MSS values by default to mitigate spoofing attacks
From: Jiri Bohac @ 2013-08-27 13:52 UTC (permalink / raw)
To: Florian Westphal; +Cc: Jiri Bohac, Jakob Lell, netdev, davem
In-Reply-To: <20130816213101.GD5154@breakpoint.cc>
First of all - I don't really care about the default values as
long as they are tunable at run time. I'm fine with leaving the 8
valye MSS table as a default.
On Fri, Aug 16, 2013 at 11:31:01PM +0200, Florian Westphal wrote:
> Jiri Bohac <jbohac@suse.cz> wrote:
> > Rationale for the new values
> > - most packets are (1500 - headers); (1450 - headers) is not a huge waste and
> > prevents fallback to much lower values
>
> Still, 1410 seems weird.
I was thinking the path MTU would often be 1500 minus something
for various tunnelling/encapsualtion along the path. The packets
may have some options, so the 1450 was just a wild guess.
If we have only 3 differrent MSS values, I feel it is better to
waste 50 bytes on the "standard" 1500 MTU links instead of making
packets with options and tunelled traffic fall back to something
like 500.
> > - clients will rarely send MSS below 536, so that's a safe fallback
>
> Can you elaborate?
> You say 'is a safe fallback', yet it is removed in the patch?
Yeah, sorry, I was writing the patch description before the patch
itself; I noticed the 512 in the original table and thought it
would be a good idea to keep this.
> > - we need to keep the minimum (64)
I don't know - I could imagine there is some embedded hardware
that can't do fragmentation and advertises very low MSS instead, for
example. I just felt removing this fallback could break things.
I'm not sure.
--
Jiri Bohac <jbohac@suse.cz>
SUSE Labs, SUSE CZ
^ permalink raw reply
* Re: [PATCH net-next] net: sctp: sctp_verify_init: clean up mandatory checks and add comment
From: Neil Horman @ 2013-08-27 13:43 UTC (permalink / raw)
To: Daniel Borkmann; +Cc: davem, netdev, linux-sctp
In-Reply-To: <1377609830-10193-1-git-send-email-dborkman@redhat.com>
On Tue, Aug 27, 2013 at 03:23:50PM +0200, Daniel Borkmann wrote:
> Add a comment related to RFC4960 explaning why we do not check for initial
> TSN, and while at it, remove yoda notation checks and clean up code from
> checks of mandatory conditions. That's probably just really minor, but makes
> reviewing easier.
>
> Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
> ---
> net/sctp/sm_make_chunk.c | 26 ++++++++++++--------------
> 1 file changed, 12 insertions(+), 14 deletions(-)
>
> diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
> index 01e9783..c6ca3c9 100644
> --- a/net/sctp/sm_make_chunk.c
> +++ b/net/sctp/sm_make_chunk.c
> @@ -2240,25 +2240,23 @@ int sctp_verify_init(struct net *net, const struct sctp_association *asoc,
> struct sctp_chunk **errp)
> {
> union sctp_params param;
> - int has_cookie = 0;
> + bool has_cookie = false;
> int result;
>
> - /* Verify stream values are non-zero. */
> - if ((0 == peer_init->init_hdr.num_outbound_streams) ||
> - (0 == peer_init->init_hdr.num_inbound_streams) ||
> - (0 == peer_init->init_hdr.init_tag) ||
> - (SCTP_DEFAULT_MINWINDOW > ntohl(peer_init->init_hdr.a_rwnd))) {
> -
> + /* Check for missing mandatory parameters. Note: Initial TSN is also
> + * mandatory, but not checked here since range is possible from 0 to
> + * 2**32-1 (4294967295), RFC4960 3.3.3.
> + */
nit: If we're making this easier to review, I think the above would be easier to
read if it said:
Note: Initial TSN is also mandatory, but is not checked here since the valid
range is 0..2**(32-1)
> + if (peer_init->init_hdr.num_outbound_streams == 0 ||
> + peer_init->init_hdr.num_inbound_streams == 0 ||
> + peer_init->init_hdr.init_tag == 0 ||
> + ntohl(peer_init->init_hdr.a_rwnd) < SCTP_DEFAULT_MINWINDOW)
> return sctp_process_inv_mandatory(asoc, chunk, errp);
> - }
>
> - /* Check for missing mandatory parameters. */
> sctp_walk_params(param, peer_init, init_hdr.params) {
> -
> - if (SCTP_PARAM_STATE_COOKIE == param.p->type)
> - has_cookie = 1;
> -
> - } /* for (loop through all parameters) */
> + if (param.p->type == SCTP_PARAM_STATE_COOKIE)
> + has_cookie = true;
> + }
>
> /* There is a possibility that a parameter length was bad and
> * in that case we would have stoped walking the parameters.
> --
> 1.7.11.7
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-sctp" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply
* Re: [PATCH 0/3] nfc: standardize logging styles
From: Samuel Ortiz @ 2013-08-27 13:42 UTC (permalink / raw)
To: Joe Perches
Cc: Paul Bolle, Lauro Ramos Venancio, Aloisio Almeida Jr,
linux-wireless, linux-nfc, linux-kernel, netdev
In-Reply-To: <cover.1365189658.git.joe@perches.com>
Hi Joe,
On Fri, Apr 05, 2013 at 12:27:36PM -0700, Joe Perches wrote:
> Fix some defects in the logging too
>
> Joe Perches (3):
> nfc: Replace nfc_dev_dbg with dev_dbg, remove function tracing
> nfc: Convert nfc_dev_info and nfc_dev_err to nfc_<level>
> nfc: Standardize logging style
All 3 patches applied, sorry for missing those ones.
Cheers,
Samuel.
--
Intel Open Source Technology Centre
http://oss.intel.com/
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox